Hi there. I've a little lan explained in attach. I want the client can go to the private lan (using owner software) i added default gateway in the client (see attach). Now the client must use firewall client to have the capabilities for mail (Outlook/Outlook Express) but if firewall is enabled client can't use private lan but can use internet. If i check "discover isa server automatically" (or similar) can't use mail but can use private lan and internet. If i uncheck "discover isa server automatically" (or similar)can't use provate lan but can use private lan and internet.
There is a setting on ISA Server i must make to have this configuration works well?
Help me to have the optimal configuration for use Mail, Internet and private lan.. (in the "exlude this site for use proxy" box in the client i have put the address of private lan) Thanx a lot friends!
I read your post but i can't do some things you wrote.
I can't change IP of internal lan because is not mine! First of all the lan must use the router of private lan (172.24.169.1) to connect to another lan outside the office.
I read the article you advice me and about the first i'll change some features on ISA like the order of listed interface and uncheck some another features in the North/Public interface, but i think don't resolve my primary problem namely using both router one for internet and one for private lan.
If i succeed in this trouble, after i can intent to resolve the other problem namely using mail client...
You can is possible using both router not change the address ip of lan?
Definitively i can't change nothing in the lan but only the setting on Isa server (there are no AD-Domain in the lan) and i can change the settings on the client..
you seems to be rather new to ISA server. So, I will try to explain what you have to do in more detail.
1) Because ISA server is installed in integrated mode, the internal and external interface *must* have different networkIDs. Because you can't change the internal LAN 172.24.0.0/16 you *MUST* change the ISA external interface and the Router Public Internet. The external interface MUST have a different networkID. Here you have no choice at all! Because you have used a Class B network for the internal LAN, I assume you don't have that much hosts. Maybe you can subnet (split) it into two pieces and use one part for the internal and the other part for the external interface.
2) The Private WAN is connected to your internal network. That means you completely trust the private WAN *and* all networks behind it. Therefore, you have to include all the networkID's reachable through the Private WAN in the LAT on ISA server, or at least those that must be reachable for the clients belonging to the internal LAN 172.24.0.0/16 .
3) If you configure the clients as Web Proxy and Firewall clients, you can configure the default gateway on the clients with the IP address of the Router Private LAN/WAN. However, I have some questions: a) Do you have a need to publish services too? b) Should the clients on the Private WAN also have access through the ISA server to the Internet? c) Do you have an extra interface available on the Router Private LAN/WAN?
Hi Stefaan. Yes i'm a newbie of Isaserver, but i like it and i want study ot for running as well is possible in my lan.
Here my answers:
a) Do you have a need to publish services too? No b) Should the clients on the Private WAN also have access through the ISA server to the Internet? Yes, the client must use Isa to use Internet c) Do you have an extra interface available on the Router Private LAN/WAN? No, because the router is not mine but the ISP.
Ok, maybe my lan is not so simple to configure because i can't changing nothing in private router and public router...
I can ask to the ISP if they can change the Ip of the Public router...if is possible i can configure the clients using private lan and using Internet via Isaserver? (changing external interface)